Security Basics mailing list archives
Re: Password hashs issue
From: Dave Dearinger <ddearinger () hdnfmc com>
Date: Wed, 13 Feb 2008 11:15:27 -0800
Would this be a domain administrator account for Osem Investments Ltd. of Israel? I just noticed that it happens to be the name of an Israeli corporation and that a person using the email address juanbabi () yahoo com has posted to Hebrew language forums in the past.
Of course this is all speculation on my part. I'm just sayin' ... Google works. Juan B wrote:
Hi, I installed a sniffer (cain) in the lan and captured those hashes: osem\admin:"":"":C0486DB4163A37A100000000000000000000000000000000:4A38D0EBABB88EED889E65B54991DD13012394965AC9D022:77D205A26EFBE92D osem\support:"":"":BBCCBAD529AE258800000000000000000000000000000000:9FBFAB6785A7EAF41AD0DE20F285AC9DBA945EC20C3AE1Bosem\user_analyst:"":"":2E158D68FD3B262200000000000000000000000000000000:842F9192A7190AF20158FCB4B3E3A5E5D0BE2E7DE5C392B0:7D1D7EF0DD3920A0 osem\LDAP_anonymous:"":"":DE3D8AFCD5D2FE8A00000000000000000000000000000000:8DA07C7F7F3BC38CECFCBDDA3186BE66EA9685FE7B061172:5A128695BF6DD28F osem\administrator:"":"":76BE5E6E99AA009F97F702A69C5B9BFCDC09EBBA9F40F700:B4EBBC575171CB781859CB23279A6941981FABCD17399457:71E69612101A3557 osem\Manager:"":"":E3D22494A6388F62287F810F06B81555495AEF4F7773738A:80A123BA224D5514AA12BA6AF9697A8B110AB358A03F0D80:9361278F0206A59F Now cain tells me that the first part is LM hash and the second part is NT hash it also shows nt challenge for all of the passwords,for the first 3 users it says that the type is NTLM session security and for therest they are LN & NTLM + challenge. I want to find out what are the passwords so I triedto paste those hashes in plain-text.info but it tells me that its the wrong format, what an I doning wrong ? please help! Juan ____________________________________________________________________________________Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs
Current thread:
- Password hashs issue Juan B (Feb 13)
- Re: Password hashs issue Patrick Hendrick (Feb 13)
- Re: Password hashs issue Dave Dearinger (Feb 13)
- <Possible follow-ups>
- RE: Password hashs issue Juan B (Feb 14)
- RE: Password hashs issue krymson (Feb 14)